Join over 2,000+ happy customers
Penetration Testing or Pen Testing is a technical review of your systems, your processes and sometimes your people. Penetration Testing is carried out to uncover vulnerabilities, threats and risks that an attacker could exploit in software applications, networks or web applications.
Penetration Testing can be called many things. We commonly see pentest, pentesting and PENtest. They are all the same thing.
We perform a number of different types and classes of penetration testing to help enable you to get the maximum return on your testing investment.
You reduce your Cyber Risk with penetration testing, as well as protect your customers and your own information as well help maintain your reputation.
Our penetration tests leverage deep knowledge of attacker’s behaviours and methods. We use the same tools, tactics and procedures (TTPs). Every test is custom built to every client’s needs and requirements. We assess specific aspects of the security program and the state of security of systems, networks and applications within the scope.
We set modern, realistic goals for our talented penetration testers to attempt to achieve. These are the same goals that actual attackers would have in place to justify their time and investment in their attacks.
We have some pre-built testing packages for web apps, mobile application, external infrastructure, internal penetration testing, IoT device testing but if you need something more bespoke and in-depth, Hedgehog can help.
Join over 2,000+ happy customers
The Hedgehog Vulnerability Scanning service is here to help you protect your external infrastructure, keeping your business and your data safe. The vulnerability scanning service is fast and easy to use. Using our external vulnerability scanning service will enable you to:
Our scanning service is very simple to use. You simply log into our scanning platform (access will be provided following your purchase) and enter your IP addresses or URLs. If you would like to use the scheduler, you can choose the time and date you want your scans to run. Once the scans are completed you can view your reports online.
If you need to rerun your scans, you can do this direct from the scanner interface whenever you need to.
We have three different levels or types of vulnerability scanning available. The standard vulnerability scan is our foundation service at £8 per asset scanned. Our Advanced service removes 99% of all false positives so you are only working on actual vulnerabilities. Our Advanced scanning service is £18 per asset scanned.
To completement these two services, and to fill the gap between vulnerability scanning and full penetration testing, we offer a Lightweight Pentest at £345 per asset scanned.
Join over 2,000+ happy customers
Cyber Essentials is the Government-backed, industry supported foundation for basic cyber security hygiene. The Scheme has been carefully designed to guide organisations of any size in protecting themselves against cyber threats.
The foundation level is an independently verified self-assessment. You complete an online assessment questionnaire which is approved by a Senior Executive of your business. Upon submission, we will independently review and confirm your responses. If successful, we will award you the requisite certificate and badge that you can display on your company website.
The next stage of your security journey and involves both independent internal and external tests of your network and computers. You must have been awarded the foundation level certification in the last three months before you can proceed with accreditation. Successful accreditation provides a higher level of assurance. It demonstrates that your organisation has a robust cyber security regime. It shows that controls are present to maintain a vigorous defence against Internet-based attacks.
The cost of Cyber Essentials can vary quite a lot between assessment companies. We have always endeavoured to keep our costs very transparent. Below you can see the costs and if you wish, you can purchase directly on our site by clicking on your required option.
Cyber Essentials Assessment only: £250.00 plus VAT
Cyber Essentials Plus for up to 50 devices, all being the same build: £1,500.00 plus VAT
We also offer Cyber Essentials Plus for larger networks. You can select the size of your network from the dropdown option on the CE Plus page above.
For companies with more complex needs, please simple download, complete and return this Cyber Essentials Scoping sheet and we will send you a bespoke price.
Join over 2,000+ happy customers
The PSN (Public Services Network) is the UK government’s network that connects all public services together. The network, which helps public sector organisations work together, reduces duplication and enables sharing of resources.
We offer complete penetration testing and IT Health Check services to assist with your PSN CoCo (Code of Connection) submission. We regularly work with councils to perform ITHC’s for PSN compliance. We are contracted by several local and regional councils and departments to provide single and multi-year compliance audit programs.
An IT Health Check required both an Internal and an External assessment by a qualified assessor / auditor.
Depending on the size of the network and number of devices, sample testing of a minimum of 10 per cent of the estate can be performed and correct scoping is critical to ensure that the service offered meets the CoCo requirements without being overbearing and over budget.
The External Assessment part of the ITHC should include public-facing services such as email servers, web servers and other systems such as the firewalls in place to prevent unauthorised access from the public Internet into your organisation.
Any other inbound connections from the Internet such as Remote Access or Site-to-Site Virtual Private Networks (VPNs) also need to be penetration tested as part of the engagement. This assessment takes place for the infrastructure and authentication methods in place to protect the connections.
Internal testing takes the form of a Penetration Test and should include Vulnerability Scanning and a thorough Manual Analysis of your internal network.
At a minimum it should include:
Desktop and Server build and configuration, and network management security
Patching of Operating Systems, Applications and Firmware levels
Configuration of Remote Access solutions including Virtual Private Networks (VPNs) and the associated authentication
Build and Configuration Review of Laptops and other Mobile devices such as phones and tablets used for remote access
Internal Security Gateway configuration including the Firewall connection to the PSN network.
Wireless Network configuration
The assessment of the above look to provide assurance that your internal systems are configured in a secure manner and are being properly maintained.
Cyber Security for any size of business
CREST member company
Team of friendly certified experts
